CVE-2026-22188
Published: 2026-01-07 · Last updated: 2026-05-26
Severity and scoring
- CVSS: 5.5 MEDIUM
- Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- CWE: CWE-457, CWE-789, CWE-908
Affected products
| Vendor | Product |
|---|---|
| cmu | panda3d |
Description
The deploy-stub component in Panda3D versions up to and including 1.10.16 contains a denial of service vulnerability due to unbounded stack allocation. The deploy-stub executable allocates argv_copy and argv_copy2 using alloca() based directly on the attacker-controlled argc value without validation. Supplying a large number of command-line arguments can exhaust stack space and propagate uninitialized stack memory into Python interpreter initialization, resulting in a reliable crash and undefined behavior.
Source: NVD
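A bounded, heap-based argument copy that avoids the two defects the description names: the unvalidated alloca() size and the uninitialized slots. This is an added example, not Panda3D's code or its actual fix; MAX_ARGS, copy_argv_checked and free_argv_copy are hypothetical names, and the limit value is an assumption.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed policy limit for this sketch; choose one that suits the launcher. */
#define MAX_ARGS 4096

/* Release a copy made by copy_argv_checked(); safe on a partial copy. */
void free_argv_copy(char **copy)
{
    if (copy == NULL)
        return;
    for (size_t i = 0; copy[i] != NULL; i++)
        free(copy[i]);
    free(copy);
}

/*
 * Bounded, heap-based alternative to alloca(sizeof(char *) * argc).
 * Returns a NULL-terminated duplicate of argv, or NULL if argc is out of
 * range, an argv slot is missing, or memory runs out.
 */
char **copy_argv_checked(int argc, char *const argv[])
{
    if (argc < 0 || argc > MAX_ARGS || argv == NULL)
        return NULL;                      /* reject before allocating */

    /* calloc zero-fills, so no slot is ever read uninitialized. */
    char **copy = calloc((size_t)argc + 1, sizeof(*copy));
    if (copy == NULL)
        return NULL;

    for (int i = 0; i < argc; i++) {
        size_t len = argv[i] ? strlen(argv[i]) + 1 : 0;
        copy[i] = len ? malloc(len) : NULL;
        if (copy[i] == NULL) {            /* hole in argv or out of memory */
            free_argv_copy(copy);
            return NULL;
        }
        memcpy(copy[i], argv[i], len);
    }
    return copy;
}

int main(int argc, char **argv)
{
    char **copy = copy_argv_checked(argc, argv);
    if (copy == NULL) {
        fprintf(stderr, "refusing to start: bad argument vector\n");
        return 2;
    }
    printf("copied %d argument(s)\n", argc);
    free_argv_copy(copy);
    return 0;
}
```

A failed allocation or an oversized argument count becomes a clean error exit here, where the alloca() pattern would fault on the stack with no way to report it.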
Related CVEs
Same vendor
- CVE-2026-35467 — The stored API keys in temporary browser client is not marked as protected allowing for JavaScript console or other errors to allow for ex... (7.5 HIGH)
- CVE-2026-35466 — XSS vulnerability in cveInterface.js allows for injected HTML to be passed to display, as cveInterface trusts input from CVE API services (6.1 MEDIUM)
- CVE-2026-22190 — The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains an uncontrolled format string vulnerability (7.5 HIGH)
- CVE-2026-22189 — The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains a stack-based buffer overflow vulnerability due to use of... (9.8 CRITICAL)
Same CWE
- CVE-2026-44967 — OpenTelemetry-cpp is the C++ implementation of OpenTelemetry (5.3 MEDIUM)
- CVE-2026-47734 — Dulwich is a pure-Python implementation of the Git file formats and protocols (5.7 MEDIUM)
- CVE-2026-10142 — kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser that allows a malicious broker or machine-i... (7.5 HIGH)
- CVE-2026-52759 — Ghidra before 12.1.1 contains an uncontrolled memory allocation vulnerability in the Mach-O binary parser that allows attackers to cause ... (5.5 MEDIUM)
- CVE-2026-52753 — Ghidra before 12.0.3 contains an out-of-memory vulnerability in the rust_demangle function that allocates unbounded output buffers withou... (5.5 MEDIUM)